﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using PSE.Framework.Service.Security.SecurityTokenService.ClaimsProcessor;
using System.IdentityModel.Tokens;
using System.IdentityModel.Claims;
using System.ServiceModel;
using PSE.Framework.Service.Security.Identity;
using PSE.Framework.ProviderLoader;
using PSE.Framework.ProviderLoader.Configuration;

namespace PSE.Framework.Service.Security.SecurityTokenService.Providers
{
    public class ClaimsProcessorProvider : BaseProvider, IClaimsProcessor
    {
        public ClaimsProcessorProvider(ProviderConfigurationElement configuration)
            : base(configuration)
        {
        }

        public void ProcessUserClaims(ref List<SamlAttribute> attributes)
        {
            System.IdentityModel.Policy.AuthorizationContext athzContext = OperationContext.Current.ServiceSecurityContext.AuthorizationContext;

            foreach (ClaimSet claimSet in athzContext.ClaimSets)
            {
                //recuperar a claim referente ao Login do usuario
                foreach (Claim claim in claimSet.FindClaims(BaseClaimTypes.Identity.LoginName, Rights.PossessProperty))
                {
                    attributes.Add(new SamlAttribute(claim));
                }
                //recuperar a claim referente ao Password do usuario
                foreach (Claim claim in claimSet.FindClaims(BaseClaimTypes.Identity.Password, Rights.PossessProperty))
                {
                    attributes.Add(new SamlAttribute(claim));
                }
            }
        }
    }
}
